Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ca5ecc2-6bbe-4ab5-b255-2b8de367dec7.roa
File:                     1ca5ecc2-6bbe-4ab5-b255-2b8de367dec7.roa (raw, json)
Hash identifier:          PiQCEBCOUxk1VTvbkv+QkeiiMa253QYZGic7Q/9F34o=
Subject key identifier:   8D:73:77:34:15:28:F8:89:79:B4:98:36:80:62:2F:18:E7:D3:A4:C8
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       0AA3672A65D8BF4334F8FCA6BAB9A9B5CFB8BC9E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ca5ecc2-6bbe-4ab5-b255-2b8de367dec7.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da61:8080::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:a3:67:2a:65:d8:bf:43:34:f8:fc:a6:ba:b9:a9:b5:cf:b8:bc:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=fdac6f915276267c8e13196e1ed904faf6fc37855b946fe46ce18931fb40978c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:82:61:1c:4d:98:71:9f:a0:c3:fa:3b:ca:4b:
                    a8:dc:ab:74:13:86:0d:aa:38:dd:28:f2:d4:d6:8a:
                    58:82:74:c7:c3:e1:5b:9f:44:36:45:79:cc:2f:79:
                    e3:eb:77:8f:ad:f4:58:2f:84:a1:58:8b:b8:f0:4b:
                    a3:96:af:81:f9:47:bf:f6:af:d2:7f:0a:89:4f:60:
                    64:52:fe:7e:36:24:98:9d:4d:39:1d:a2:cd:42:33:
                    ec:58:96:c0:d7:59:50:d1:ea:fc:ee:28:46:9f:af:
                    06:23:d5:88:37:9f:09:39:a4:1f:f2:6b:3a:9f:18:
                    7f:6b:6a:a4:b5:4b:ab:db:7c:46:87:04:eb:76:f8:
                    d4:a0:7c:81:96:a8:68:55:a9:b4:16:be:64:6c:ff:
                    ac:ad:be:c2:5d:a0:95:55:7f:d7:00:4b:d9:f6:c8:
                    5d:05:58:af:66:c5:6b:a7:d4:f0:1d:f5:92:82:35:
                    d0:23:c4:26:ca:17:d1:10:94:04:cd:f9:d7:cd:d0:
                    65:39:ca:3e:3c:07:e0:6a:89:57:8e:80:41:5d:14:
                    91:f6:93:ce:78:79:25:42:c1:f1:9e:6a:89:33:ef:
                    f4:ce:67:01:ec:4e:c7:23:ad:c3:01:ee:bb:35:6a:
                    8d:ee:00:49:7a:08:64:a4:e6:57:85:f1:99:a1:59:
                    98:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:73:77:34:15:28:F8:89:79:B4:98:36:80:62:2F:18:E7:D3:A4:C8
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ca5ecc2-6bbe-4ab5-b255-2b8de367dec7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da61:8080::/48

    Signature Algorithm: sha256WithRSAEncryption
         4f:5a:d5:ee:9f:ca:4f:9d:17:42:c1:b7:a9:87:63:69:92:d3:
         64:da:cb:77:d8:7f:3a:bd:08:91:a8:e4:d8:28:fd:07:ea:ac:
         f7:90:f9:a9:15:19:25:30:e0:b4:12:6a:e9:4e:4d:78:88:3a:
         e7:50:ea:c1:91:c6:22:93:83:8d:68:37:c2:0c:69:ea:33:da:
         aa:f2:28:b3:92:f8:78:97:66:12:32:99:27:5d:ac:ca:14:a9:
         f9:3b:91:ae:66:e3:e7:97:5d:12:e8:72:64:d7:16:73:6c:0b:
         87:80:37:39:fe:2b:77:eb:3f:59:0e:08:ce:75:0d:88:9a:29:
         b6:25:a9:5c:bf:61:4d:07:36:b8:c0:f2:da:c5:5f:20:b4:8d:
         1e:f7:08:cc:36:2d:4c:9f:e4:e1:72:82:bd:c7:bb:74:08:74:
         d7:60:55:4b:72:5f:a8:e5:1e:62:8c:96:07:9c:1a:a1:73:4d:
         ea:8f:b3:97:5a:73:65:46:91:1b:41:1d:43:9e:7a:38:52:a7:
         df:d4:a4:77:32:06:32:cd:cb:b0:c8:f3:fb:5f:40:f4:15:61:
         ad:5c:c3:e2:73:f9:a6:de:28:e9:3e:41:b2:93:69:67:45:d7:
         7b:c9:ad:c8:b2:41:f8:4b:23:c3:ee:43:79:b8:0a:b0:e5:fc:
         59:9e:f4:99
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUCqNnKmXYv0M0+Pymurmptc+4vJ4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZmRhYzZmOTE1Mjc2MjY3YzhlMTMx
OTZlMWVkOTA0ZmFmNmZjMzc4NTViOTQ2ZmU0NmNlMTg5MzFmYjQwOTc4YzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYJhHE2YcZ+gw/o7ykuo3Kt0E4YN
qjjdKPLU1opYgnTHw+Fbn0Q2RXnML3nj63ePrfRYL4ShWIu48Eujlq+B+Ue/9q/S
fwqJT2BkUv5+NiSYnU05HaLNQjPsWJbA11lQ0er87ihGn68GI9WIN58JOaQf8ms6
nxh/a2qktUur23xGhwTrdvjUoHyBlqhoVam0Fr5kbP+srb7CXaCVVX/XAEvZ9shd
BVivZsVrp9TwHfWSgjXQI8QmyhfREJQEzfnXzdBlOco+PAfgaolXjoBBXRSR9pPO
eHklQsHxnmqJM+/0zmcB7E7HI63DAe67NWqN7gBJeghkpOZXhfGZoVmY5QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFI1zdzQVKPiJebSYNoBiLxjn06TIMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzFjYTVlY2MyLTZiYmUtNGFiNS1iMjU1LTJiOGRlMzY3ZGVjNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaYYCAMA0GCSqGSIb3DQEBCwUAA4IBAQBPWtXun8pPnRdCwbep
h2NpktNk2st32H86vQiRqOTYKP0H6qz3kPmpFRklMOC0EmrpTk14iDrnUOrBkcYi
k4ONaDfCDGnqM9qq8iizkvh4l2YSMpknXazKFKn5O5GuZuPnl10S6HJk1xZzbAuH
gDc5/it36z9ZDgjOdQ2Imim2Jalcv2FNBza4wPLaxV8gtI0e9wjMNi1Mn+ThcoK9
x7t0CHTXYFVLcl+o5R5ijJYHnBqhc03qj7OXWnNlRpEbQR1Dnno4Uqff1KR3MgYy
zcuwyPP7X0D0FWGtXMPic/mm3ijpPkGyk2lnRdd7ya3IskH4SyPD7kN5uAqw5fxZ
nvSZ
-----END CERTIFICATE-----